Interfaces and Networks

Connecting a virtual machine to a network consists of two parts. First,
networks are specified in spec.networks. Then, interfaces backed by the
networks are added to the VM by specifying them in
spec.domain.devices.interfaces.

Each interface must have a corresponding network with the same name.

An interface defines a virtual network interface of a virtual machine (also
called a frontend). A network specifies the backend of an interface and
declares which logical or physical device it is connected to (also called as
backend).

There are multiple ways of configuring an interface as well as a network.

Frontend

Network interfaces are configured in spec.domain.devices.interfaces. They
describe properties of virtual interfaces as “seen” inside guest instances. The
same network backend may be connected to a virtual machine in multiple
different ways, each with their own connectivity guarantees and
characteristics.

Each interface should declare its type by defining on of the following fields:

Type

Description

bridge

Connect using a linux bridge

slirp

Connect using QEMU user networking mode

Each interface may also have additional configuration fields that modify
properties “seen” inside guest instances, as listed below:

Name

Format

Default value

Description

model

One of: e1000, e1000e, ne2k_pci, pcnet, rtl8139, virtio

virtio

NIC type

macAddress

ff:ff:ff:ff:ff:ff or FF-FF-FF-FF-FF-FF

MAC address as seen inside the guest system, for example: de:ad:00:00:be:af

ports

empty

List of ports to be forwarded to the virtual machine.

kind:VMspec:domain:devices:interfaces:-name:redmodel:e1000# expose e1000 NIC to the guestbridge:{}# connect through a bridgeports:-name:httpport:80networks:-name:redpod:{}

Ports

Declare ports listen by the virtual machine

Note: When using the slirp interface only the configured ports will be forwarded to the virtual machine.

If spec.domain.devices.interfaces is omitted, the virtual machine is
connected using the default pod network interface of bridge type. If you’d
like to have a virtual machine instance without any network connectivity, you
can use the autoattachPodInterface field as follows:

kind:VMspec:domain:devices:autoattachPodInterface:false

bridge

In bridge mode, virtual machines are connected to the network backend through
a linux “bridge”. The pod network IPv4 address is delegated to the virtual
machine via DHCPv4. The virtual machine should be configured to use DHCP to
acquire IPv4 addresses.

kind:VMspec:domain:devices:interfaces:-name:redbridge:{}# connect through a bridgenetworks:-name:redpod:{}

At this time, bridge mode doesn’t support additional configuration
fields.

Note: due to IPv4 address delagation, in bridge mode the pod doesn’t
have an IP address configured, which may introduce issues with third-party
solutions that may rely on it. For example, Istio may not work in this mode.

slirp

In slirp mode, virtual machines are connected to the network backend using
QEMU user networking mode. In this mode, QEMU allocates internal IP addresses
to virtual machines and hides them behind NAT.